POP3 Service STLS Plaintext Command Injection

Medium Nessus Plugin ID 52610


The remote mail service allows plaintext command injection while negotiating an encrypted communications channel.


The remote POP3 service contains a software flaw in its STLS implementation that could allow a remote, unauthenticated attacker to inject commands during the plaintext protocol phase that will be executed during the ciphertext protocol phase.

Successful exploitation could allow an attacker to steal a victim's email or associated SASL (Simple Authentication and Security Layer) credentials.


Contact the vendor to see if an update is available.

See Also



Plugin Details

Severity: Medium

ID: 52610

File Name: pop3_starttls_plaintext_injection.nasl

Version: $Revision: 1.9 $

Type: remote

Family: Misc.

Published: 2011/03/10

Modified: 2017/06/12

Dependencies: 42087

Risk Information

Risk Factor: Medium


Base Score: 4

Temporal Score: 3.5

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2011/03/07

Reference Information

CVE: CVE-2011-0411

BID: 46767

OSVDB: 71020, 71946

CERT: 555316